Frank McCourry
asked on
DNS Blank "A" Record with Name Servers on the Same Domain
We have a website - "www.ourdomain.com" which is part of an Active Directory with the same domain name "ourdomain.com". The problem is that we want our customers to be able to visit "http://ourdomain.com" and get our web page. Since the Windows DNS Servers automatically update their own "A" Records, I have multiple "Blank" records which prevents this from happening. Does anyone know a good workaround for this?
I'm confused with this post myself, but perhaps you have the "split-brain" DNS scenario going on? I see it happen all of the time. Someone will set up a local AD domain with the same name as their public name record, which causes problems for internal clients accessing web servers hosted elsewhere. A quick fix for that scenario would be to add a CNAME record for www that points to the public IP of the site you're trying to reach.
Don't use your AD servers to host externally accessible DNS zones
Always use a different DNS server, either an external provider such as DynDNS/Hurricane Electric/freedns.afraid.org
ASKER
To clarify:
1. Our active Directory domain name is "ourdomain.com"
2. Our website is "www.ourdomain.com" running on an IIS server that is a member of the domain "ourdomain.com"
3. Our DNS zone for ourdomain.com contains an A record for www.ourdomain.com.
4. There is a blank A record for "ourdomain.com" that points to the same IP as "www.ourdomain.com"
5. There are 4 DNS Servers for the domain "ourdomain.com"
The problem is that the DNS servers for the domain also create blank A records pointing to the IP address of the DNS Servers. When DNS resolves the name "ourdomain.com" you will get all 5 blank A records in random order. This means that there is a one in 5 chance that our website will come up in a browser if a user types in "http://ourdomain.com" instead of "http://www.ourdomain.com"
I cannot delete the A records for the DNS servers and there seems to be no way in Microsoft DNS to specify the order that the A records are returned.
So my question is, using the scenario given, meaning that changing domain names or DNS servers are not an option, how do I get our website blank A record to be the proper response to an HTTP request for "ourdomain.com"?
Don't delete the A records for the DNS servers, just delete the records for just the domain (there should be one for each DNS server IP).
ASKER
This was a good article that led me to the conclusion that I needed to install IIS on all of my DNS servers (CRINGE), then set up a redirect on the default website to the main website. There is no need to delete the blank A record, however it will probably never be used.
So, you have internal or external DNS servers? Or both?
Are the users having issues internally or externally only?
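The following is an added example, not part of the thread and not any participant's code. It audits the blank (apex) A records of a zone as the asker describes them: which ones come from the name servers, which are unexplained, and what share of round-robin answers reach the website. The zone data is constructed; the host names dc1 to dc4 and the 192.0.2.x addresses (documentation range) are assumptions.

```python
from fractions import Fraction

# Constructed sample zone rows (name, type, value). dc1..dc4 are hypothetical
# host names; 192.0.2.0/24 is the RFC 5737 documentation range.
ZONE = """\
@    A   192.0.2.10
@    A   192.0.2.1
@    A   192.0.2.2
@    A   192.0.2.3
@    A   192.0.2.4
www  A   192.0.2.10
@    NS  dc1.ourdomain.com.
@    NS  dc2.ourdomain.com.
@    NS  dc3.ourdomain.com.
@    NS  dc4.ourdomain.com.
dc1  A   192.0.2.1
dc2  A   192.0.2.2
dc3  A   192.0.2.3
dc4  A   192.0.2.4
"""

def parse(zone_text):
    """Return (name, type, value) tuples; ';' comments and blank lines are skipped."""
    rows = (ln.split(";", 1)[0].split() for ln in zone_text.splitlines())
    return [(r[0].lower(), r[1].upper(), r[2].lower()) for r in rows if len(r) == 3]

def audit_apex(zone_text, origin="ourdomain.com", web_host="www"):
    """Classify each apex A record and compute the chance a lookup hits the website."""
    records = parse(zone_text)
    a = {}
    for name, rtype, value in records:
        if rtype == "A":
            a.setdefault(name, []).append(value)
    # Map each apex NS target (FQDN) back to its relative host label, then to its IPs.
    ns_hosts = [v.rstrip(".").removesuffix("." + origin)
                for n, t, v in records if n == "@" and t == "NS"]
    ns_ips = {ip for host in ns_hosts for ip in a.get(host, [])}
    apex = a.get("@", [])
    web_ips = set(a.get(web_host, []))
    hits = sum(ip in web_ips for ip in apex)
    return {
        "name_server_apex": sorted(ip for ip in apex if ip in ns_ips),
        "unexplained": sorted(ip for ip in apex if ip not in ns_ips | web_ips),
        "web_hit_chance": Fraction(hits, len(apex)) if apex else Fraction(0),
    }
```

An address listed under `unexplained` is an apex record that belongs to neither the website nor a listed name server and is worth tracing before anything is exposed externally.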